Block Requests

PageSpeed Service was turned off on August 3rd, 2015. Please see Turndown Information for PageSpeed Service.

Description

PageSpeed Service allows you to block user requests based on an URL wildcard pattern, IP address range or User-Agent identifier. These requests will be blocked by PageSpeed Service at a proxy level and will not reach your origin servers. To block requests, log into the Google APIs Console and select the Bandwidth menu under PageSpeed Service.

'Block Requests' panel in project console page

This feature is useful in case the origin servers are being overloaded, such as due to a denial-of-service (DOS) attack, and you know the attack URL, IP address, or UserAgent patterns. You can block these requests using these patterns and protect your origin servers from harm. All requests that match the rules you have set will receive a 523 error code.

Usage

Rules for blocking requests can be defined in three ways:

  1. Block requests based on URLs: You can specify URL patterns that will be blocked by PageSpeed Service. You can enter these rules one line per rule. Also wildcards like * and ? can be used.
    e.g.: The pattern *example.com/badUrl* will block all URLs that have example.com/badUrl in it.
  2. Block requests based on IP: You can specify a single IP or a range of IP addresses to block.
    e.g.: The pattern 72.100.2.* will block all requests from all IP addresses in the range 72.100.2.1 to 72.100.2.255.
  3. Block requests based on User Agent: You can specify rules to block all requests coming from specific User-Agents (browsers).
    e.g.: To block all requests coming from a BOT with an User-Agent name containing the word AttackBot you can specify a rule like *AttackBot*.

Important Note: This feature will block request from users and hence should be used carefully. Always verify the patterns you have specified such that they do not block requests you did not mean to.
For example, the pattern *test* will block the URL http://www.example.com/test/ as well as http://test.example.com/, which may not be what you intended. We recommend using the most restrictive pattern possible to cover your target URLs, eg. http://www.example.com/test/*.